Security Working Group - Wednesday April 1 - highlights

Joseph Reynolds jrey at linux.ibm.com
Sat Apr 4 02:31:50 AEDT 2020


On 4/2/20 1:52 PM, Patrick Williams wrote:
> On Thu, Apr 02, 2020 at 01:44:45PM -0500, Joseph Reynolds wrote:
>> On 3/31/20 11:21 AM, Joseph Reynolds wrote:
>>> This is a reminder of the OpenBMC Security Working Group meeting
>>> scheduled for this Wednesday April 1 at 10:00am PDT.
>>>
>>> We'll discuss current development items, and anything else that comes up.
>>>
>>> The current topics:
>>>
>>> 1. SELinux or AppArmor plans
>> Topic 1 has three points:
>> 1a. We would also want to move away from all processes running as root.
>> https://github.com/openbmc/openbmc/issues/3383  Next step is create
>> issue for each repo.
> Have the technical issues all been worked out on that issue?  Is there a
> design documented of what "each repo" is suppose to do?  It seems like
> kind of a leap to ask each repo to just not run as root at this point.
>

Patrick,

Thanks for asking.  There are technical issues to be worked out (ref: 
issue 3383).

Correction to 1a. Work out technical issues, then ask all daemons to 
move away from running as root.

- Joseph



More information about the openbmc mailing list